Legal claims defining the scope of protection, as filed with the USPTO.
3. The system of claim 1, wherein the IoC datastore stores data received from a threat data provider external to the data network and also stores data from analysis performed within the data network.
4. The system of claim 1, wherein the key-field is one of the group consisting of Internet Protocol (IP) address, domain name, and file hash.
5. The system of claim 4, wherein the undecorated data object enters the decorator pipeline with a hash-value generated by hashing a file of an operation of the data network, and wherein the decorator pipeline is configured to identify the identified IoC based on a matching of a hash-field of the IoC with the hash-value.
8. The computer-readable media of claim 6, wherein the IoC datastore stores data received from a threat data provider external to the data network and also stores data from analysis performed within the data network.
9. The computer-readable media of claim 6, wherein the key-field is one of the group consisting of Internet Protocol (IP) address, domain name, and file hash.
10. The computer-readable media of claim 9, wherein the undecorated data object enters the decorator pipeline with a hash-value generated by hashing a file of an operation of the data network, and wherein the decorator pipeline is configured to identify the identified IoC based on a matching of a hash-field of the IoC with the hash-value.
12. The method of claim 11, wherein the IoC datastore stores data received from a threat data provider external to the data network and also stores data from analysis performed within the data network.
13. The method of claim 11, wherein the key-field is one of the group consisting of Internet Protocol (IP) address, domain name, and file hash.
14. The method of claim 13, wherein the undecorated data object enters the decorator pipeline with a hash-value generated by hashing a file of an operation of the data network, and wherein the decorator pipeline is configured to identify the identified IoC based on a matching of a hash-field of the IoC with the hash-value.
15. The system of claim 1, wherein the IoC datastore maintains, separate from the event datastore, a copy of each IoC such that each IoC stored redundantly by the event datastore is also stored in the IoC datastore.
16. The system of claim 1, wherein the event datastore is configured to arrange the memory locations contiguously and next to each other on disk.
December 20, 2022